1. Field of the Invention
The invention relates generally to the field of computer science. More particularly, the invention relates to software.
2. Discussion of the Related Art
Prior art source code compilers are known to those skilled in the art. A source code compiler transforms source code into an executable, shared object library or object file. The resulting executable, shared object library or object file is then utilized by a computer system.
The executable, shared object library or object file may be specific to a given computer system and can be very difficult to reverse engineer. Consequently, the proprietary content of these files is relatively secure.
On the other hand, the proprietary content of source code is relatively non-secure. There are times in which source code for some or all of an application will be exposed to one or more individuals in an insecure environment. The person or company that wrote, generated, or distributed the source code may find this unacceptable but may have no recourse except to do so and attempt to limit exposure through the use of copyright, legal agreements and reverse engineering impediments.
The source code itself is vulnerable to copying. Although source code may be copyrighted, detection of unauthorized copying may be impossible. Further, even where detection is possible, the cost of copyright enforcement may be prohibitive. Therefore, what is needed is a solution that protects the proprietary content of source code more effectively than copyright.
Legal agreements (e.g., licenses, nondisclosure agreements, etc.) can also have violation detection and enforcement problems. Therefore, what is also needed is a solution that protects the proprietary content of source code more effectively than by legal agreement.
Source code is also vulnerable to reverse engineering. The proprietary content of source code can be harvested without apparent copyright violation if the algorithmic content can be gleamed through analysis and then restyled as another expression. Reverse engineering can also present practical problems to respect to legal agreements. What is also needed, therefore, is a solution that protects the proprietary content of source code from reverse engineering.
One unsatisfactory approach, in an attempt to protect the proprietary content of source code involves obfuscation. For instance, an algorithm may be discretely located within a much larger block of code. Further, an algorithm may be separated into subsections that are individually located throughout different parts of a program. Furthermore, spurious code lines may be added to the algorithm and/or the program in a deliberate attempt to mislead.
Another approach to obfuscation involves removing all meaningful variable names and replacing them with non-meaningful ones (for example, replace “BinaryTreePointer” with “I1”. The approach can also be extended to removing all comments, indentation, etc. that makes code easy to read. Finally, another approach to obfuscation involves replacing sections of code with macros that make the reverse engineering of such code more difficult.
However, given enough time and/or resources, systematic analysis may yield the algorithmic content despite attempts at obfuscation. Therefore, what is also needed is a solution that impedes reverse engineering more effectively than obfuscation.
Another disadvantage of the obfuscation approach is that debugging and/or modification of the source code may become problematic. The tactics used for obfuscation can make it more difficult for a subsequent authorized programmer to understand the source code, especially when documentation is nonexistent. Therefore, what is also needed is a solution that impedes reverse engineering without hindering debugging and/or modification of the source code.
Another disadvantage of the obfuscation approach has been relatively high cost. A large amount of extraneous code may be required to provide cover for the proprietary content. These additional lines of code can increase the time required to compile substantially. Therefore, what is also needed is a solution that prevents reverse engineering in a more cost-effective manner.
Heretofore, the requirements of providing more effective protection for source code than copyright, legal agreement or obfuscation, without hindering debugging and/or modification or incurring excessive costs, referred to above have not been fully met. What is needed is a solution that addresses all of these requirements.